Background - some times stack-protector is too-simple while stack-protector-all over-kills, for example, to build one of our core systems, we forcibly add "-fstack-protector-all" to all compile commands, which brings big performance penalty (due to extra stack guard/check insns on function prologue and epilogue) on both atom and arm. To use "-fstack-protector" is just regarded as not secure enough (only "protects" <2% functions) by the system secure team. "-fstack-protector-strong" hits the balance between "-fstack-protector" and "-fstack-protector-all".

Adds the check to a function:

if any of its local variable’s address is taken, as part of the RHS of an assignment

or if any of its local variable’s address is taken as part of a function argument.

or if it has an array, regardless of array type or length

or if it has a struct/union which contains an array, regardless of array type or length.